Description

Partner Software's Partner Software application and Partner Web application allows an authenticated user to add notes on the 'Notes' page when viewing a job but does not completely sanitize input, making it possible to add notes with HTML tags and JavaScript, enabling an attacker to add a note containing malicious JavaScript, leading to stored XSS (cross-site scripting).

INFO

Published Date :

2025-08-02T02:15:55.155Z

Last Modified :

2025-08-02T02:15:55.155Z

Source :

certcc
AFFECTED PRODUCTS

The following products are affected by CVE-2025-6078 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-6078.

URL Resource
https://partnersoftware.com/resources/software-release-info-4-32/ cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System